We've had a couple of incidents in the last couple of weeks here in the UK where criminals posing as computer engineers have fitted KVM's on to computers inside of bank branches, and transferred the cash out that way. Don't assume it's your end that's been compromised! :)
http://www.theregister.co.uk/2013/09/20/barclays_cyber_cops_make_arrests/ http://www.bbc.co.uk/news/uk-england-london-24077094 From: [email protected] [mailto:[email protected]] On Behalf Of James Hill Sent: 26 September 2013 08:38 To: [email protected] Subject: [NTSysADM] RE: Bank funds stolen without access to rsa token, anyone heard of that? No I'm not. The suspicion is malicious software on the computer that was normally used. James. From: [email protected]<mailto:[email protected]> [mailto:[email protected]] On Behalf Of Ken Schaefer Sent: Thursday, 26 September 2013 5:32 PM To: [email protected]<mailto:[email protected]> Subject: [NTSysADM] RE: Bank funds stolen without access to rsa token, anyone heard of that? Are you 100% sure this was done via the internet banking site? Cheers Ken From: [email protected]<mailto:[email protected]> [mailto:[email protected]] On Behalf Of James Hill Sent: Thursday, 26 September 2013 5:24 PM To: [email protected]<mailto:[email protected]> Subject: [NTSysADM] Bank funds stolen without access to rsa token, anyone heard of that? I've recently been in discussion with someone who has had money stolen from their bank account. I have seen examples of this in the past when the only authentication in place was a password. But in this case they had two factor authentication. A password and an RSA token. They had funds transferred to an overseas bank account. For this to occur it would normally require logging on to the internet banking system with the password and token code. Then enter the external transfer area, enter the details then enter in the current token code. Has anyone ever heard of this occurring? James. === STEMCOR CONFIDENTIALITY AND DISCLAIMER NOTICE This e-mail is intended only for the addressees named in it. The contents should not be disclosed to any other person nor copies taken. Any views or opinions presented are solely those of the sender and do not necessarily represent those of Stemcor unless otherwise specifically stated. Stemcor does not accept legal responsibility for the contents of this message nor responsibility for any change made to it after it was sent by the original sender. You are advised to carry out a virus check before opening any attachment as Stemcor does not accept liability for any damage sustained as a result of any software viruses. You should be aware that Stemcor reserves the right to read incoming and outgoing emails. ===
